PT-2024-28710 · Unknown · Tone Store App

Name of the Vulnerable Software and Affected Versions: TONE store App versions 3.4.2 and earlier Description: The issue is related to an unprotected primary channel in the TONE store App, which communicates with the TONE store website in cleartext. This could allow a man-in-the-middle attack,...

R7-2017-02: Hyundai Blue Link Potential Info Disclosure (FIXED)

Summary Due to a reliance on cleartext communications and the use of a hard-coded decryption password, two outdated versions of Hyundai Blue Link application software, 3.9.4 and 3.9.5 potentially expose sensitive information about registered users and their vehicles, including application...

R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities

Executive Summary In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...